Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 401 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-5692 Lead Form Data Collection to CRM <= 3.1 - Missing Authorization to Authenticated (Subscriber+) Many Actions smackcodersLead Form Data Collection to CRM Medium 6.3 2025-07-02 02:03:53 Deep Dive
CVE-2024-12150 SQLi in Eron Software's Wowwo CRM Eron SoftwareWowwo CRM Critical 9.8 2025-06-27 16:40:48 Deep Dive
CVE-2025-24774 WordPress WPCRM - CRM for Contact form CF7 & WooCommerce plugin <= 3.2.0 - Reflected Cross Site Scripting (XSS) vulnerability mojoomlaWPCRM - CRM for Contact form CF7 & WooCommerce High 7.1 2025-06-27 11:52:47 Deep Dive
CVE-2025-49987 WordPress CRM ERP Business Solution plugin <= 1.13 - Broken Access Control Vulnerability WPFactoryCRM ERP Business Solution Medium 5.3 2025-06-20 15:04:10 Deep Dive
CVE-2025-50037 WordPress Buying Buddy IDX CRM plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability Buying BuddyBuying Buddy IDX CRM Medium 6.5 2025-06-20 15:03:52 Deep Dive
CVE-2025-1562 Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit <= 3.5.3 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation amans2kFunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce Critical 9.8 2025-06-18 07:22:44 Deep Dive
CVE-2025-24773 WordPress WPCRM - CRM for Contact form CF7 & WooCommerce plugin <= 3.2.0 - SQL Injection Vulnerability mojoomlaWPCRM - CRM for Contact form CF7 & WooCommerce Critical 9.3 2025-06-17 15:01:40 Deep Dive
CVE-2025-49330 WordPress Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.3.0 - PHP Object Injection Vulnerability CRM PerksIntegration for Contact Form 7 and Zoho CRM, Bigin Critical 9.8 2025-06-17 15:01:23 Deep Dive
CVE-2025-6132 Chanjet CRM departmentsetting.php sql injection ChanjetCRM High 7.3 2025-06-16 17:31:05 Deep Dive
CVE-2025-30953 WordPress WP Gravity Forms Salesforce plugin <= 1.4.7 - Open Redirection Vulnerability CRM PerksWP Gravity Forms Salesforce Medium 4.7 2025-06-06 12:54:11 Deep Dive
CVE-2025-30954 WordPress WP Gravity Forms Constant Contact Plugin <= 1.1.0 - Open Redirection Vulnerability CRM PerksWP Gravity Forms Constant Contact Plugin Medium 4.7 2025-06-06 12:54:10 Deep Dive
CVE-2025-49270 WordPress WP-CRM System plugin <= 3.4.2 - Broken Access Control Vulnerability Mario PeshevWP-CRM System Medium 5.3 2025-06-06 12:53:40 Deep Dive
CVE-2025-5227 PHPGurukul Small CRM manage-tickets.php sql injection PHPGurukulSmall CRM High 7.3 2025-05-27 03:00:10 Deep Dive
CVE-2025-5226 PHPGurukul Small CRM change-password.php sql injection PHPGurukulSmall CRM High 7.3 2025-05-27 02:31:08 Deep Dive
CVE-2025-5152 Chanjet CRM newActivityedit.php sql injection ChanjetCRM Medium 6.3 2025-05-25 17:00:09 Deep Dive
CVE-2025-47513 WordPress Infocob CRM Forms plugin <= 2.4.0 - Arbitrary File Download vulnerability James LaforgeInfocob CRM Forms Medium 4.9 2025-05-23 12:43:34 Deep Dive
CVE-2025-47690 WordPress Lead Form Data Collection to CRM plugin <= 3.1 - Arbitrary Option Update to Privilege Escalation vulnerability Smackcoders Inc.,Lead Form Data Collection to CRM High 8.8 2025-05-23 12:43:18 Deep Dive
CVE-2024-12812 WP ERP < 1.13.4 - Custom+ Unauthorized Access to Terminated Employee Information UnknownWP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting--2025-05-15 20:06:58 Deep Dive
CVE-2024-12808 WP ERP | Complete HR solution with recruitment < 1.13.4 - Admin+ Stored XSS UnknownWP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting--2025-05-15 20:06:57 Deep Dive
CVE-2025-4510 Changjietong UFIDA CRM optntyday.php sql injection ChangjietongUFIDA CRM Medium 6.3 2025-05-10 18:00:07 Deep Dive